Bit9 Hacked, Stolen Certs Used To Sign Malware

tsu doh nimh writes “Bit9, a company that provides software and network security services to the U.S. government and at least 30 Fortune 100 firms, has suffered a compromise that cuts to the core of its business: helping clients distinguish known ‘safe’ files from computer viruses and other malicious software. A leading provider of ‘application whitelisting’ services, Bit9’s security technology turns the traditional approach to fighting malware on its head. Antivirus software, for example, seeks to identify and quarantine files that are known bad or strongly suspected of being malicious. In contrast, Bit9 specializes in helping companies develop custom lists of software that they want to allow employees to run, and to treat all other applications as potentially unknown and dangerous. But in a blog post today, the company disclosed that attackers broke into its network and managed to steal the digital keys that Bit9 uses to distinguish good from bad applications. The attackers then sent signed malware to at least three of Bit9’s customers, although Bit9 isn’t saying which customers were affected or to what extent. The kicker? The firm said it failed to detect the intrusion in part because the servers used to store its keys were not running Bit9’s own software.”

Share on Google+

Read more of this story at Slashdot.

via Slashdot http://it.slashdot.org/story/13/02/08/2237201/bit9-hacked-stolen-certs-used-to-sign-malware?utm_source=rss1.0mainlinkanon&utm_medium=feed

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: